ExitCertified - Excellence in IT Certified Education
 
Solaris Operating System Network Intrusion Detection :: [SC-345]
 
 
 
 
 
code. SC-345   length. 5 days
type. Instructor-Led   partner. Sun Microsystems
price.
$3,500 :: $2,975 GSA GOV.
 
 
The Solaris Operating System Network Intrusion Detection course provides students with the knowledge and skills needed to perform the advanced administration tasks required to firewall, monitor, log, identify, and respond to network security breaches.
 
 
who can benefit
 
 
Students who can benefit from this course are experienced system administrators who are tasked with protecting Sun Solaris systems in a non-trusted environment such as the Internet or a LAN environment with multiple unknown/untrusted users.
 
prerequisites
 
 
To succeed fully in this course, students should be able to:

Install, configure, and maintain a Solaris product line server
Configure a Solaris NIC for LAN and Internet access
Have a firm understanding of the TCP/IP protocol stack and IP routing
Configure Solaris logging daemons like syslog
Install open source utilities like tcpdump and libpcap


 
skills gained
 
 
Upon completion of this course, students should be able to:

Identify and protect against design flaws in standard networking protocols (such as TCP, UDP, IP, ICMP, SSL, SSH, HTTP and ARP)
List possible ways that an intruder can gather information about a server or a whole network
Describe all types of network based security attacks like SYN/ACK attack, man-in-the-middle attack, ARP spoofing, session hijacking and Buffer Overflow attacks
Install a Network Intrusion Detection System and a host based firewall
Identify, in real time, a network security breach and respond


 
course content details  
 


  Module 1 - Ethernet and IP Operation

Review OSI network model
Review application and network service layers
Identify Ethernet security issues
Review IPv4 addressing
Understand IP fragmentation
Identify ICMP security issues
Implement basic traffic capture and analysis




  Module 2 - IP and ARP Vulnerability Analysis

Identify IP security issues
Describe IP routing and routing protocol security
Protect against IP abuse
Identify ARP security issues
Execute attacks against ARP
Protect against ARP abuse
Implement advanced packet capture and analysis




  Module 3 - UDP/TCP Protocol and TELNET Vulnerability Analysis

Discuss characteristics of UDP and TCP
Identify TCP security issues
Describe common TCP abuses: SYN attack, sequence guessing, connection hijacking
Discuss characteristics of TELNET
Identify TELNET security issues
Execute attacks on TCP and TELNET
Protect against TCP and TELNET abuse




  Module 4 - FTP and HTTP Vulnerability Analysis

Discuss characteristics of FTP
Describe FTP transfer methods and modes
Identify FTP security issues
Describe common FTP abuses: FTP bounce attack, port stealing, brute force
Discuss characteristics of HTTPv1.1
Describe role of HTTP proxy servers and HTTP authentication
Identify HTTP security issues
Describe common HTTP abuses: path name stealing, header spoofing, proxy poisoning
Execute attacks on FTP and HTTP
Protect against FTP and HTTP abuse




  Module 5 - DNS Vulnerability Analysis

Discuss characteristics of DNS
Identify DNS security issues
Describe common DNS abuses: DNS spoofing, DNS cache poisoning, unauthorized zone transfers
Execute attacks on DNS
Protect against DNS abuse




  Module 6 - SSH and HTTPS Vulnerability Analysis

Discuss characteristics of SSH
Describe differences between SSH1 and SSH2 protocol
Identify SSH security issues
Describe common SSH abuses: insertion attack, brute force attack, CRC compensation attack
Describe characteristics of HTTPS (SSL)
Discuss other SSL enabled protocols
Identify SSL issues
Describe common SSL abuses: man-in-the-middle and version rollback attack




  Module 7 - Remote Operating System Detection

Use standard system commands and exploit default settings to guess remote operating systems
Use open source utilities to guess remote operating systems by scanning open ports
Describe TCP/IP stack fingerprinting
Install and use nmap for remote OS detection




  Module 8 - Network Attack Techniques and Basic Attack Detection

Identify sources of network attacks
Discuss methods of intrusion
Describe common network attacks: denial-of-service, software buffer overflow, poor system configuration, password guessing/cracking
Describe a typical intrusion scenario
Introduce the concept of an Intrusion Detection System (IDS)
List some of the most popular IDS tools: Klaxon, Portsentry, snort
Implement basic scan detection




  Module 9 - Implementing Intrusion Detection Technologies

Identify the difference between host based and network based IDS
Discuss different types of IDS implementation: hybrid NIDS and honeypots
Describe core components of a NIDS using the snort NIDS
Compile and install the snort NIDS




  Module 10 - Advanced NIDS Configuration

Discuss advanced snort features like "real time response" and snort log monitors
Install a database (mysql) to log snort alerts
Install the graphical user interfaces (GUI) Demarc and ACID to better interpret snort logs by querying the snort database
Generate outside attacks that trigger snort alerts
Interpret GUI snort monitors to identify attacks




  Module 11 - Writing snort rules

Describe the different components of a snort rule
Configure different snort rule options
Write custom snort rules to watch for specific traffic patterns
Execute attacks against custom snort rules and interpret GUI snort monitors to identify attacks




  Module 12 - Solaris Routing

List requirements for a Solaris host to be a router
Implement a Solaris host as a router
Use the ndd utility to secure a Solaris router




  Module 13 - Solaris Firewalls

Describe different types of Solaris firewalls: application firewalls and packet filters
Identify two of the most common Solaris firewall products: SunScreen Lite and IPfilter
Learn firewall policy basics
Write firewall rules for network or host based firewalls
Install an IPfilter firewall on a Solaris host




  Module 14 - Solaris Network (NAT) and Port Translation (PAT)

Describe NAT and PAT concepts
Implement NAT to secure a private network behind a Solaris firewall





 
© 2008 ExitCertified. All rights reserved.